All data submitted is expected to be either URL-encoded (for GET requests)
or application/x-www-form-urlencoded (i.e. formatted as an HTML form, for
either POST and PUT requests). Accept/Content-type based submission of
JSON/XML data will be implemented in a later release.

A meta parameter called _method is evaluated for each request to fake a
request method if needed. This is useful for older HTTP libraries or
JavaScript clients which cannot actually perform any of the more exotic
HTTP methods, such as PUT and DELETE.

Please note that for any write action using a cookie-based session,
the site will expect an additional request parameter, _tok, containing
a session ID. This is part of Adhocracy’s CSRF filter and it will
not apply to requests made using HTTP Basic authentication. Since the value
of _tok is not returned by the API, it is recommended to use HTTP Basic
for any API applications.

OAuth-based authorization is planned for a future release and will
allow for token-based access to specific resources or operations.